At LMG Security (LMG) we are frequently asked, “How long should your password be?” It’s a great question. Unless strong Multifactor Authentication (MFA) is universally in use by the organization, we recommend that user passwords should be a minimum of 16 characters in length. Privileged accounts (administrators and service accounts) should be 25 characters or … Continue reading How long should your password be? The data behind a safe password length policy.